Sha256: 20d11d7655e395c0ebf82fac3e22c2bb357a80c3e504d636b63226b9f26e9d61
Contents?: true
Size: 763 Bytes
Versions: 1
Compression:
Stored size: 763 Bytes
Contents
--- gem: actionpack cve: 2012-1099 url: http://www.osvdb.org/show/osvdb/79727 title: Ruby on Rails actionpack/lib/action_view/helpers/form_options_helper.rb Manually Generated Select Tag Options XSS description: | Ruby on Rails contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate manually generated 'select tag options' upon submission to actionpack/lib/action_view/helpers/form_options_helper.rb. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. cvss_v2: 4.3 patched_versions: - ~> 3.0.12 - ~> 3.1.4 - ">= 3.2.2"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.1.2 | data/ruby-advisory-db/gems/actionpack/2012-1099.yml |